You are being watched. Private and state-sponsored organizations are monitoring and recording your online activities. PrivacyTools provides services, tools and knowledge to protect your privacy against global mass surveillance.

Glenn Greenwald: Why privacy matters Over the last 16 months, as I've debated this issue around the world, every single time somebody has said to me, "I don't really worry about invasions of privacy because I don't have anything to hide." I always say the same thing to them. I get out a pen, I write down my email address. I say, "Here's my email address. What I want you to do when you get home is email me the passwords to all of your email accounts, not just the nice, respectable work one in your name, but all of them, because I want to be able to just troll through what it is you're doing online, read what I want to read and publish whatever I find interesting. After all, if you're not a bad person, if you're doing nothing wrong, you should have nothing to hide." Not a single person has taken me up on that offer.

The primary reason for window curtains in our house, is to stop people from being able to see in. The reason we don’t want them to see in is because we consider much of what we do inside our homes to be private. Whether that be having dinner at the table, watching a movie with your kids, or even engaging in intimate or sexual acts with your partner. None of these things are illegal by any means but even knowing this, we still keep the curtains and blinds on our windows. We clearly have this strong desire for privacy when it comes to our personal life and the public.

[...] But saying that you don't need or want privacy because you have nothing to hide is to assume that no one should have, or could have, to hide anything -- including their immigration status, unemployment history, financial history, and health records. You're assuming that no one, including yourself, might object to revealing to anyone information about their religious beliefs, political affiliations, and sexual activities, as casually as some choose to reveal their movie and music tastes and reading preferences.

Read also:


Ultimately, saying that you don't care about privacy because you have nothing to hide is no different from saying you don't care about freedom of speech because you have nothing to say. Or that you don't care about freedom of the press because you don't like to read. Or that you don't care about freedom of religion because you don't believe in God. Or that you don't care about the freedom to peacably assemble because you're a lazy, antisocial agoraphobe.

The NSA has built an infrastructure that allows it to intercept almost everything. With this capability, the vast majority of human communications are automatically ingested without targeting. If I wanted to see your emails or your wife's phone, all I have to do is use intercepts. I can get your emails, passwords, phone records, credit cards. I don't want to live in a society that does these sort of things... I do not want to live in a world where everything I do and say is recorded. That is not something I am willing to support or live under.

We all need places where we can go to explore without the judgmental eyes of other people being cast upon us, only in a realm where we're not being watched can we really test the limits of who we want to be. It's really in the private realm where dissent, creativity and personal exploration lie.

Global Mass Surveillance - The Fourteen Eyes

UKUSA Agreement

The UKUSA Agreement is an agreement between the United Kingdom, United States, Australia, Canada, and New Zealand to cooperatively collect, analyze, and share intelligence. Members of this group, known as the Five Eyes, focus on gathering and analyzing intelligence from different parts of the world. While Five Eyes countries have agreed to not spy on each other as adversaries, leaks by Snowden have revealed that some Five Eyes members monitor each other's citizens and share intelligence to avoid breaking domestic laws that prohibit them from spying on their own citizens. The Five Eyes alliance also cooperates with groups of third-party countries to share intelligence (forming the Nine Eyes and Fourteen Eyes); however, Five Eyes and third-party countries can and do spy on each other.

Five Eyes

  1. Australia
  2. Canada
  3. New Zealand
  4. United Kingdom
  5. United States of America

Nine Eyes

  1. Denmark
  2. France
  3. Netherlands
  4. Norway

Fourteen Eyes

  1. Belgium
  2. Germany
  3. Italy
  4. Spain
  5. Sweden

Key Disclosure Law

Who is required to hand over the encryption keys to authorities?

Mandatory key disclosure laws require individuals to turn over encryption keys to law enforcement conducting a criminal investigation. How these laws are implemented (who may be legally compelled to assist) vary from nation to nation, but a warrant is generally required. Defenses against key disclosure laws include steganography and encrypting data in a way that provides plausible deniability.

Steganography involves hiding sensitive information (which may be encrypted) inside of ordinary data (for example, encrypting an image file and then hiding it in an audio file). With plausible deniability, data is encrypted in a way that prevents an adversary from being able to prove that the information they are after exists (for example, one password may decrypt benign data and another password, used on the same file, could decrypt sensitive data).

Key disclosure laws may apply

Key disclosure laws don't apply

* (people who know how to access a system may be ordered to share their knowledge, however, this doesn't apply to the suspect itself or family members.)

Related Information

Why is it not recommended to choose a US-based service?


Services based in the United States are not recommended because of the country's surveillance programs and use of National Security Letters (NSLs) with accompanying gag orders, which forbid the recipient from talking about the request. This combination allows the government to secretly force companies to grant complete access to customer data and transform the service into a tool of mass surveillance.

An example of this is Lavabit – a secure email service created by Ladar Levison. The FBI requested Snowden's records after finding out that he used the service. Since Lavabit did not keep logs and email content was stored encrypted, the FBI served a subpoena (with a gag order) for the service's SSL keys. Having the SSL keys would allow them to access communications (both metadata and unencrypted content) in real time for all of Lavabit's customers, not just Snowden's.

Ultimately, Levison turned over the SSL keys and shut down the service at the same time. The US government then threatened Levison with arrest, saying that shutting down the service was a violation of the court order.

Related Information

Recommended VPN Services


Mullvad EUR €60/Year is a fast and inexpensive VPN with a serious focus on transparency and security. They have been in operation since 2009. Mullvad is based in Sweden and does not have a free trial.

35 Countries

Mullvad has servers in 35 countries at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.

We also think it's better for the security of the VPN provider's private keys if they use dedicated servers, instead of cheaper shared solutions (with other customers) such as virtual private servers.

Independently Audited

Mullvad's VPN clients have been audited by Cure53 and Assured AB in a pentest report published at The security researchers concluded:

...Cure53 and Assured AB are happy with the results of the audit and the software leaves an overall positive impression. With security dedication of the in-house team at the Mullvad VPN compound, the testers have no doubts about the project being on the right track from a security standpoint.

Open Source Clients

Mullvad provides the source code for their desktop and mobile clients in their GitHub organization.

Accepts Bitcoin

Mullvad in addition to accepting credit/debit cards and PayPal, accepts Bitcoin, Bitcoin Cash, and cash/local currency as anonymous forms of payment. They also accept Swish and bank wire transfers.

WireGuard Support

In addition to standard OpenVPN connections, Mullvad supports WireGuard. WireGuard is an experimental protocol with theoretically better security and higher reliability, although it is not currently recommended for production use.

IPv6 Support

Mullvad supports the future of networking IPv6. Their network allows users to access services hosted on IPv6 as opposed to other providers who block IPv6 connections.

Remote Port Forwarding

Remote port forwarding is allowed on Mullvad, see Port forwarding with Mullvad VPN.

No Mobile Clients

While iOS and Android clients are reportedly in the works, mobile users will need to use a traditional OpenVPN client and configuration files, which are a bit more difficult to configure.

Extra Functionality

The Mullvad VPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. The Mullvad website is also accessible via Tor at xcln5hkbriyklr6n.onion.


ProtonVPN Free USD $96/year is a strong contender in the VPN space, and they have been in operation since 2016. ProtonVPN is based in Switzerland and offers a limited free pricing tier, as well as premium options.

44 Countries

ProtonVPN has servers in 44 countries at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.

We also think it's better for the security of the VPN provider's private keys if they use dedicated servers, instead of cheaper shared solutions (with other customers) such as virtual private servers.

Independently Audited

As of January 2020 ProtonVPN has undergone an independent audit by SEC Consult. SEC Consult found some medium and low risk vulnerabilities in ProtonVPN's Windows, Android, and iOS applications, all of which were "properly fixed" by ProtonVPN before the reports were published. None of the issues identified would have provided an attacker remote access to a user's device or traffic. You can view individual reports for each platform at

Open Source Clients

ProtonVPN provides the source code for their desktop and mobile clients in their GitHub organization.

Accepts Bitcoin

ProtonVPN does technically accept Bitcoin payments; however, you either need to have an existing account, or contact their support team in advance to register with Bitcoin.

Mobile Clients

In addition to providing standard OpenVPN configuration files, ProtonVPN has mobile clients for iOS or Android allowing for easy connections to their servers.

No Port Forwarding

ProtonVPN does not currently support remote port forwarding, which may impact some applications. Especially Peer-to-Peer applications like Torrent clients.

Extra Functionality

The ProtonVPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. ProtonVPN also offers "Tor" servers allowing you to easily connect to onion sites, but we still strongly recommend using the official Tor Browser for this purpose.


IVPN Standard USD $60/Year Pro USD $100/Year is another premium VPN provider, and they have been in operation since 2009. IVPN is based in Gibraltar and offers a 3 day free trial.

32 Countries

IVPN has servers in 32 countries at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.

We also think it's better for the security of the VPN provider's private keys if they use dedicated servers, instead of cheaper shared solutions (with other customers) such as virtual private servers.

Independently Audited

IVPN has undergone a no-logging audit from Cure53 which concluded in agreement with IVPN's no-logging claim. IVPN has also completed a comprehensive pentest report Cure53 in January 2020. IVPN has also said they plan to have annual reports in the future.

Open Source Clients

As of Feburary 2020 IVPN applications are now open source. Source code can be obtained from their GitHub organization.

Accepts Bitcoin

In addition to accepting credit/debit cards and PayPal, IVPN accepts Bitcoin and cash/local currency (on annual plans) as anonymous forms of payment.

Remote Port Forwarding

Remote port forwarding is possible with a Pro plan. Port forwarding can be activated via the client area. Port forwarding is only available on IVPN when using OpenVPN and is disabled on US servers.

Mobile Clients

In addition to providing standard OpenVPN configuration files, IVPN has mobile clients for iOS or Android allowing for easy connections to their servers.

Extra Functionality

The IVPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. IVPN also provides "AntiTracker" functionality, which blocks advertising networks and trackers from the network level.

What is a warrant canary?

Warrant Canary Example

A warrant canary is a posted document stating that an organization has not received any secret subpoenas during a specific period of time. If this document fails to be updated during the specified time then the user is to assume that the service has received such a subpoena and should stop using the service.

Warrant Canary Examples:


Related Warrant Canary Information

Browser Recommendations For Desktop


Firefox logo Firefox is fast, reliable, open-source, and respects your privacy. Don't forget to adjust the settings according to our recommendations: Privacy Add-ons WebRTC about:config tweaks.

Tor Browser - Provides Anonymity

Tor Browser - Provides Anonymity logo Tor Browser is your choice if you need an extra layer of anonymity. It's a modified version of Firefox ESR, which comes with pre-installed privacy add-ons, encryption, and an advanced proxy. How does Tor work?

Browser Recommendations For Android


Firefox logo Firefox is fast, reliable, open-source, and respects your privacy. Don't forget to adjust the settings according to our recommendations: Privacy Add-ons WebRTC about:config tweaks.

Tor Browser - Provides Anonymity

Tor Browser - Provides Anonymity logo Tor Browser is your choice if you need an extra layer of anonymity. It's a modified version of Firefox ESR, which comes with pre-installed privacy add-ons, encryption and an advanced proxy. How does Tor work?


Bromite logo Bromite is a Chromium-based browser with privacy and security enhancements, built-in adblocking and DNS over HTTPS support; it includes patches from ungoogled-chromium and other privacy-focused projects. More info can be found on the official website.

Worth Mentioning for Android

Browser Recommendations For iOS


Firefox logo Firefox is fast, reliable, open-source, and respects your privacy. Note: Because of limitations set by Apple in iOS, our recommended tweaks cannot be applied. However, Firefox for iOS has an Enhanced Tracking Protection feature that uses a list provided by Disconnect to identify and block ad, social, and analytics trackers, as well as cryptominers and fingerprinters.

Onion Browser

Onion Browser logo Onion Browser is an open-source browser that lets you browse the web anonymously over the Tor network on iOS devices and is endorsed by the Tor Project. Warning: there are certain anonymity-related issues with Onion Browser due to iOS limitations.

DuckDuckGo Privacy Browser

DuckDuckGo Privacy Browser logo DuckDuckGo Privacy Browser is an open-source web browser that has built-in ad and tracker blocking and utilizes ToS;DR to rate the privacy policies of the sites you visit.

Worth Mentioning for iOS

Browser Fingerprint - Is your browser configuration unique?

When you visit a web page, your browser voluntarily sends information about its configuration, such as available fonts, browser type, and add-ons. If this combination of information is unique, it may be possible to identify and track you without using cookies. EFF created a Tool called Panopticlick to test your browser to see how unique it is.

Test your Browser now

You need to find what most browsers are reporting, and then use those variables to bring your browser in the same population. This means having the same fonts, plugins, and extensions installed as the large installed base. You should have a spoofed user-agent string to match what the large userbase has. You need to have the same settings enabled and disabled, such as DNT and WebGL. You need your browser to look as common as everyone else. Disabling JavaScript, using Linux, or even using the Tor Browser Bundle, will make your browser stick out from the masses.

Modern web browsers have not been architected to assure personal web privacy. Rather than worrying about being fingerprinted, it seems more practical to use free software plugins like Privacy Badger and uBlock Origin. They not only respect your freedom, but your privacy also. You can get much further with these than trying to manipulate your browser's fingerprint.

Firefox Addon: CanvasBlocker

Related Information

WebRTC IP Leak Test - Is your IP address leaking?

While software like NoScript prevents this, it's probably a good idea to block this protocol directly as well, just to be safe.

Test your Browser now

How to disable WebRTC in Firefox?

In short: Set "media.peerconnection.enabled" to "false" in "about:config".


  1. Enter "about:config" in the firefox address bar and press enter.
  2. Press the button "I'll be careful, I promise!"
  3. Search for "media.peerconnection.enabled"
  4. Double click the entry, the column "Value" should now be "false"
  5. Done. Do the WebRTC leak test again.

If you want to make sure every single WebRTC-related setting is really disabled change these settings:

  1. media.peerconnection.turn.disable = true
  2. media.peerconnection.use_document_iceservers = false
  3. = false
  4. media.peerconnection.identity.timeout = 1

Now you can be 100% sure WebRTC is disabled.

Test your Browser again

How to fix the WebRTC Leak in Google Chrome?

WebRTC cannot be fully disabled in Chrome; however, it is possible to change its routing settings (and prevent leaks) using an extension. Two open-source solutions include WebRTC Leak Prevent (options may need to be changed depending on the scenario), and uBlock Origin (select "Prevent WebRTC from leaking local IP addresses" in Settings).

What about other browsers?

Chrome on iOS, Internet Explorer and Safari does not implement WebRTC yet. But we recommend using Firefox on all devices.

Recommended Browser Add-ons

uBlock Origin: Block Ads and Trackers

uBlock Origin: Block Ads and Trackers logo uBlock Origin is an efficient wide-spectrum blocker that is easy on memory, and yet can load and enforce thousands more filters than other popular blockers out there. It has no monetization strategy and is completely open source.

HTTPS Everywhere: Secure Connections

HTTPS Everywhere: Secure Connections logo HTTPS Everywhere enables encryption of your connections to many major websites, making your browsing more secure. It is a collaboration between The Tor Project and the Electronic Frontier Foundation.

Decentraleyes: Block Content Delivery Networks

Decentraleyes: Block Content Delivery Networks logo Decentraleyes emulates Content Delivery Networks locally by intercepting requests, finding the required resource, and injecting it into the environment. This all happens instantaneously, automatically, and no prior configuration is required.

Cookie AutoDelete: Automatically Delete Cookies

Cookie AutoDelete: Automatically Delete Cookies logo Cookie AutoDelete automatically removes cookies, lingering sessions, and other information that can be used to spy on you when they are no longer used by open browser tabs.

Terms of Service; Didn’t Read: Be Informed

Terms of Service; Didn’t Read: Be Informed logo Terms of Service; Didn’t Read is an addon that believes "I have read and agree to the Terms of Service" is the biggest lie on the web, and wants to fix it by grading websites based on their terms of service agreements and privacy policies. It also gives short summaries of those agreements. The analysis and ratings are published transparently by a community of reviewers.


Snowflake logo Snowflake is a new pluggable transport from the Tor Project. If you have an uncensored connection, running this extension volunteers your connection to be used as a Snowflake proxy to help users unable to connect to the Tor network. Your IP will not be visible to the sites users visit using your proxy, as this extension will not make you an exit node. If your access to the Tor network is blocked, this extension will not assist you, and you should use the Tor Browser instead.

Privacy Badger: Stop Tracking

Privacy Badger: Stop Tracking logo Privacy Badger is a browser add-on that stops advertisers and other third-party trackers from secretly tracking where you go and what pages you look at on the web. Privacy Badger learns about trackers as you browse.

For Power Users Only

uMatrix: Stop Cross-Site Requests

uMatrix: Stop Cross-Site Requests logo uMatrix gives you control over the requests that websites make to other websites. Many websites integrate features which let other websites track you, such as Facebook Like Buttons or Google Analytics.

NoScript Security Suite: Be in total control

NoScript Security Suite: Be in total control logo NoScript is a highly customizable plugin to selectively allow JavaScript, Java, and Flash to run only on websites you trust. Not for casual users, it requires technical knowledge to configure.

Firefox: Privacy Related "about:config" Tweaks


  1. Enter "about:config" in the firefox address bar and press enter.
  2. Press the button "Accept the Risk and Continue" [FF71+] or "I accept the risk".
  3. Follow the instructions below...

Getting started:

privacy.firstparty.isolate = true
A result of the Tor Uplift effort, this preference isolates all browser identifier sources (e.g. cookies) to the first party domain, with the goal of preventing tracking across different domains. (Don't do this if you are using the Firefox Addon "Cookie AutoDelete" with Firefox v58 or below.)
privacy.resistFingerprinting = true
A result of the Tor Uplift effort, this preference makes Firefox more resistant to browser fingerprinting.
privacy.trackingprotection.fingerprinting.enabled = true
[FF67+] Blocks Fingerprinting
privacy.trackingprotection.cryptomining.enabled = true
[FF67+] Blocks CryptoMining
privacy.trackingprotection.enabled = true
This is Mozilla's new built-in tracking protection. It uses filter list, which is redundant if you are already using uBlock Origin 3rd party filters, therefore you should set it to false if you are using the add-on functionalities.
browser.send_pings = false
The attribute would be useful for letting websites track visitors' clicks.
browser.sessionstore.max_tabs_undo = 0
Even with Firefox set to not remember history, your closed tabs are stored temporarily at Menu -> History -> Recently Closed Tabs.
browser.urlbar.speculativeConnect.enabled = false
Disable preloading of autocomplete URLs. Firefox preloads URLs that autocomplete when a user types into the address bar, which is a concern if URLs are suggested that the user does not want to connect to. Source
dom.event.clipboardevents.enabled = false
Disable that websites can get notifications if you copy, paste, or cut something from a web page, and it lets them know which part of the page had been selected.
media.eme.enabled = false

Disables playback of DRM-controlled HTML5 content, which, if enabled, automatically downloads the Widevine Content Decryption Module provided by Google Inc. Details

DRM-controlled content that requires the Adobe Flash or Microsoft Silverlight NPAPI plugins will still play, if installed and enabled in Firefox.

media.gmp-widevinecdm.enabled = false
Disables the Widevine Content Decryption Module provided by Google Inc., used for the playback of DRM-controlled HTML5 content. Details
media.navigator.enabled = false
Websites can track the microphone and camera status of your device.
network.cookie.cookieBehavior = 1
Disable cookies
  • 0 = Accept all cookies by default
  • 1 = Only accept from the originating site (block third-party cookies)
  • 2 = Block all cookies by default
network.http.referer.XOriginPolicy = 2
Only send Referer header when the full hostnames match. (Note: if you notice significant breakage, you might try 1 combined with an XOriginTrimmingPolicy tweak below.) Source
  • 0 = Send Referer in all cases
  • 1 = Send Referer to same eTLD sites
  • 2 = Send Referer only when the full hostnames match
network.http.referer.XOriginTrimmingPolicy = 2
When sending Referer across origins, only send scheme, host, and port in the Referer header of cross-origin requests. Source
  • 0 = Send full url in Referer
  • 1 = Send url without query string in Referer
  • 2 = Only send scheme, host, and port in Referer
Looking for TRR, DoH or ESNI?
They have moved to our DNS page.
webgl.disabled = true
WebGL is a potential security risk. Source
browser.sessionstore.privacy_level = 2
This preference controls when to store extra information about a session: contents of forms, scrollbar positions, cookies, and POST data. Details
  • 0 = Store extra session data for any site. (Default starting with Firefox 4.)
  • 1 = Store extra session data for unencrypted (non-HTTPS) sites only. (Default before Firefox 4.)
  • 2 = Never store extra session data.
network.IDN_show_punycode = true
Not rendering IDNs as their Punycode equivalent leaves you open to phishing attacks that can be very difficult to notice. Source

Firefox user.js Templates

  • ghacks-user.js - An ongoing comprehensive user.js template for configuring and hardening Firefox privacy, security and anti-fingerprinting.

Related Information

Privacy-Conscious Email Providers - No Affiliates

Email Provider Website Since Jurisdiction Storage Yearly Price Bitcoin Encryption Own Domain
Disroot 2015 Netherlands 1 GB Free Accepted Built-in Yes
Kolab Now 2010 Switzerland 2 GB $ 60 Accepted Built-in Yes 2014 Germany 2 GB 12 € No Built-in Yes
Mailfence 2013 Belgium 500 MB Free Accepted Built-in Yes
Posteo 2009 Germany 2 GB 12 € No Built-in No
ProtonMail 2013 Switzerland 500 MB Free Accepted Built-in Yes
Runbox 1999 Norway 1 GB $ 19.95 Accepted No Yes
Soverin 2015 Netherlands 25 GB 29 € No No Yes
StartMail 2014 Netherlands 10 GB $ 59.95 Accepted Built-in Yes
Tutanota 2011 Germany 1 GB Free No Built-in Yes

Interesting Email Providers Under Development

  • Confidant Mail - An open-source non-SMTP cryptographic email system optimized for large file attachments. It is a secure and spam-resistant alternative to regular email and online file drop services. It uses GNU Privacy Guard (GPG) for content encryption and authentication, and TLS 1.2 with ephemeral keys for transport encryption.

Become Your Own Email Provider


Mail-in-a-Box lets you become your own mail service provider in a few easy steps. It's sort of like making your own Gmail, but one you control from top to bottom. Technically, Mail-in-a-Box turns a fresh cloud computer into a working mail server. But you don't need to be a technology expert to set it up. More:


Mailcow is a slightly more advanced mail server perfect for those with a bit more Linux experience. It has everything you need in a Docker container: A mailserver with DKIM support, antivirus and spam monitoring, webmail and ActiveSync with SOGo, and web-based administration with 2FA support. More: Mailcow Dockerized docs

Email Clients


Thunderbird logo Thunderbird is a free, open source, cross-platform email, newsgroup, news feed, and chat (XMPP, IRC, Twitter) client developed by the Thunderbird community, and previously by the Mozilla Foundation.

Claws Mail

Claws Mail logo Claws Mail is a free and open source, GTK-based email and news client. It offers easy configuration and an abundance of features. It is included with Gpg4win, an encryption suite for Windows.

Privacy Email Tools

  • gpg4usb - A very easy to use and small portable editor to encrypt and decrypt any text-message or -file. For Windows and Linux. GPG tutorial.
  • Mailvelope - A browser extension that enables the exchange of encrypted emails following the OpenPGP encryption standard.
  • Enigmail - A security extension to Thunderbird and Seamonkey. It enables you to write and receive email messages signed and/or encrypted with the OpenPGP standard.
  • TorBirdy - TorBirdy configures Thunderbird to make connections over the Tor anonymity network. This extension is in beta and should be considered experimental.
  • Email Privacy Tester - This tool will send an Email to your address and perform privacy-related tests.

Worth Mentioning

  • K-9 Mail - An independent mail application for Android. It supports both POP3 and IMAP mailboxes, but only supports push mail for IMAP.
  • GNU Privacy Guard - Email Encryption. GnuPG is a GPL Licensed alternative to the PGP suite of cryptographic software. Tutorial. Use GPGTools for macOS.
  • Mailpile (Beta) - A modern, fast web-mail client with user-friendly encryption and privacy features.

Privacy Respecting Search Engines

searx - Decentral

searx - Decentral logo searx is an open-source metasearch engine, aggregating the results of other search engines while not storing information about its users. No logs, no ads and no tracking. There is a list of public instances, or you can try the PrivacyTools Search

DuckDuckGo - USA

DuckDuckGo - USA logo DuckDuckGo is a "search engine that doesn't track you." Some of DuckDuckGo's code is free software hosted at GitHub, but the core is proprietary. The company is based in the USA.

Qwant - France

Qwant - France logo Qwant is a search engine with its philosophy based on two principles: no user tracking and no filter bubble. Qwant was launched in France in February 2013.

Firefox Addon

  • Google search link fix - Firefox extension that prevents Google and Yandex search pages from modifying search result links when you click them. This is useful when copying links but it also helps privacy by preventing the search engines from recording your clicks. (Open Source)

Worth Mentioning

  • YaCy - A free-software P2P search engine powered by its users.
  • Jive Search - A free-software search engine with a similar look and feel to Google.
  • MetaGer - An open-source metasearch engine, which is based in Germany. It focuses on protecting the user's privacy.
  • Mojeek - Independent and unbiased search results with no user tracking.

Encrypted Instant Messengers

We only recommend instant messenger programs or apps that support end-to-end encryption (E2EE). When E2EE is used, all transmissions (messages, voice, video, etc.) are encrypted before they are sent from your device. E2EE protects both the authenticity and confidentiality of the transmission as they pass through any part of the network (servers, etc.).

All the client programs/apps we chose are free and open-source software unless otherwise mentioned. This to ensure that the code can be independently verified by experts now and in the future.

We have described the three main types of messaging programs that exist: Centralized, Federated and Peer-to-Peer (P2P), with the advantages and disadvantages of each.


Centralized messengers are those where every participant is on the same server or network of servers controlled by the same organization.


  • New features and changes can be implemented more quickly.
  • Easier to get started with and to find contacts.



Signal logo Signal is a mobile app developed by Signal Messenger LLC. The app provides instant messaging, as well as voice and video calling. All communications are E2EE unless you choose to send as SMS. Its protocol has also been indepedently audited (PDF) Requires phone number VoIP


Keybase logo Keybase provides a hosted team chat with E2EE. Its protocol has also been indepedently audited (PDF). Keybase can help you prove you own social media accounts though the use of cryptographic signing of "identity proofs". Warning


Federated messengers use multiple, independent servers that are able to talk to each other (email is one example of a federated service). Federation allows system administrators to control their own server and still be a part of the larger communications network.


  • Allows for greater control over your own data when running your own server.
  • Allows you to choose who to trust your data with by choosing between multiple "public" servers.
  • Often allows for third party clients which can provide a more native, customized, or accessible experience.
  • Generally a less juicy target for governments wanting backdoor access to everything as the trust is decentralized. The server may be hosted independently from the organization developing the software.
  • Server software can be verified that it matches public source code, assuming you have access to the server or you trust the person who does (e.g., a family member)
  • Third-party developers can contribute code and add new features, instead of waiting for a private development team to do so.


  • Adding new features is more complex, because these features need to be standardized and tested to ensure they work with all servers on the network.
  • Some metadata may be available (e.g., information like "who is talking to whom," but not actual message content if E2EE is used).
  • Federated servers generally require trusting your server's administrator. They may be a hobbyist or otherwise not a "security professional," and may not serve standard documents like a privacy policy or terms of service detailing how your data is utilized.
  • Server administrators sometimes choose to block other servers, which are a source of unmoderated abuse or break general rules of accepted behavior. This will hinder your ability to communicate with users on those servers.


Matrix logo Matrix is an open-source project that publishes the Matrix open standard for secure, decentralized, real-time communication. is the popular reference client produced by the team. It offers optional E2EE for 1:1 and group conversations that must be turned on by the user. (This can be done by clicking on the toggle switch which is accessed by clicking the room name or user name of the chat → Security & Privacy → Encrypted). In the future it will be on by default.

Worth Mentioning

  • Other Matrix clients, that may however be less feature complete than
  • XMPP (Extensible Messaging and Presence Protocol) is an open-source communications protocol that began development in 1999. Since then, XMPP has been extended by the publishing of XEPs (XMPP Extension Protocols). OMEMO is the most popular XEP (XMPP extension) for E2EE. Clients are developed by the community and not by the XSF (XMPP Standards Foundation). Inconsistent E2EE
  • Kontalk is a community-driven instant messaging network based on XMPP.

Peer to Peer (P2P)

Peer-to-Peer instant messengers connect directly to each other without requiring third-party servers. Clients (peers) usually find each other through the use of a distributed computing network. Examples of this include DHT (distributed hash table) (used with technologies like torrents and IPFS, for example), or Ethereum's Whisper protocol (used with some newer DApps). Another approach is proximity based networks, where a connection is established over WiFi or Bluetooth (for example, Briar or the Scuttlebutt social networking protocol). Once a peer has found a route to its contact via any of these methods, a direct connection between them is made.


  • Minimal information is exposed to third parties.
  • Modern P2P platforms implement end-to-end encryption by default. There are no servers that could potentially intercept and decrypt your transmissions, unlike centralized and federated models.


  • Reduced feature set:
    • Messages can only be sent when both peers are online, however, your client may store messages locally to wait for the contact to return online.
    • Generally increases battery usage on mobile devices, because the client must stay connected to the distributed network to learn about who is online.
  • Your IP address and that of the contacts you're communicating with may be visible if you do not use the software in conjunction with a self contained network, such as Tor or I2P. Many countries have some form of mass surveillance and/or metadata retention.


Briar logo Encrypted instant messenger that connects to contacts via Wi-Fi, Bluetooth, or Tor over the internet to synchronize messages. Technology such as this has proven to be useful when Internet availability is an issue, such as in times of crisis.


Jami logo Encrypted instant messaging and video calling software. Uses TLS 1.3 for encryption. VoIP


Tox logo Encrypted instant messaging and video calling software. Uses its own encryption protocol that has not yet been officially audited by cryptographers. Experimental VoIP

Worth Mentioning

  • - Encrypted instant messenger with an integrated Ethereum wallet (cryptocurrency) that also includes support for DApps (decentralized apps) (web apps in a curated store). Uses the Whisper protocol for P2P communication. Experimental
  • Retroshare - Encrypted instant messaging and voice/video call client. RetroShare supports both Tor and I2P.
  • Bitmessage is a decentralized, encrypted, peer-to-peer, trustless communications protocol that can be used by one person to send encrypted messages to another person, or to multiple subscribers.

Video/Voice Calling


Linphone logo Linphone is an open-source SIP Phone and a free voice over IP service, available on mobile and desktop environments and on web browsers. It supports ZRTP for end-to-end encrypted voice and video communication.


Mumble logo Mumble is an open-source, low-latency, and high quality voice chat application primarily intended for use while gaming. Note that while Mumble doesn't log messages or record by default, it's missing end-to-end encryption, so self-hosting is recommended.

Worth Mentioning

  • Jitsi Meet - Jitsi Meet is a free and open-source multiplatform voice (VoIP), video conferencing, and instant messaging application. Requires WebRTC

Related Information

Team Chat Platforms


Matrix logo Matrix is an open-source project that publishes the Matrix open standard for secure, decentralized, real-time communication. is the popular reference client produced by the team. It offers optional E2EE for 1:1 and group conversations that must be turned on by the user. (This can be done by clicking on the toggle switch which is accessed by clicking the room name or user name of the chat → Security & Privacy → Encrypted). In the future it will be on by default. logo is an self-hostable open source platform for team communication. It has optional federation and experimental E2EE. Experimental E2EE


Keybase logo Keybase provides a hosted team chat with E2EE. Its protocol has also been indepedently audited (PDF). Keybase can help you prove you own social media accounts through the use of cryptographic signing of "identity proofs". Warning

File Sharing

Firefox Send

Firefox Send logo Firefox Send uses end-to-end encryption to keep your data secure from the moment you share to the moment your file is opened. It also offers security controls that you can set. You can choose when your file link expires, the number of downloads, and whether you would like to add a password for an extra layer of security. Warning


OnionShare logo OnionShare is an open-source tool that lets you securely and anonymously share a file of any size. It works by starting a web server accessible as a Tor onion service, with an unguessable URL that you can share with the recipients to download or send files.

Magic Wormhole

Magic Wormhole logo Magic Wormhole is a package that provides a library and a command-line tool named wormhole, which makes it possible to get arbitrary-sized files and directories (or short pieces of text) from one computer to another. Their motto: "Get things from one computer to another, safely."

Worth Mentioning

  • FramaDrop - Stores a file of any size for 24h. Data is end-to-end encrypted from your browser, powered by LuFi.
  • croc - Easily and securely send arbitrary-sized files from one computer to another. Similar to Magic Wormhole but without dependencies.
  • FreedomBox - Designed to be your own inexpensive server at home. It runs free software and offers an increasing number of services ranging from a calendar or XMPP server, to a wiki, or VPN.

Encrypted Cloud Storage Services

Nextcloud - Choose your hoster

Nextcloud - Choose your hoster logo Nextcloud is a suite of client-server software for creating your own file hosting services on a private server you control. Nextcloud is free and open-source, and supports end-to-end encryption with many of its clients. The only limits on storage and bandwidth are the limits on the server provider you choose.

Worth Mentioning

  • Cryptomator - Free client-side AES encryption for your cloud files. Open source software: No backdoors, no registration.
  • CryptPad - Free and end-to-end encrypted real time collaboration sharing folders, media, and documents.

Self-Hosted Cloud Server Software


Nextcloud logo Nextcloud is a suite of client-server software for creating your own file hosting services on a private server you control. Nextcloud is free and open-source, and supports end-to-end encryption with many of its clients. The only limits on storage and bandwidth are the limits on the server provider you choose.


Tahoe-LAFS logo Tahoe-LAFS is a free and open decentralized cloud storage system. It distributes your data across multiple servers. Even if some of the servers fail or are taken over by an attacker, the entire file store continues to function correctly, preserving your privacy and security.

Worth Mentioning

  • CryptPad - An open-source and end-to-end encrypted real-time collaborative editor that lets you share folders, media, and documents.

Secure Hosting Provider

Data Center: Bahnhof

Data Center: Bahnhof logo Bahnhof is one of Sweden’s largest network operators, founded in 1994. They specialize in innovative data center construction: Extreme security coupled with low-cost green energy has made them world famous.

VPS & Domain: Njalla

VPS & Domain: Njalla logo Njalla is a privacy-aware domain registration service and VPS provider based in Nevis (with VPS data centers in Sweden). It is created by people from The Pirate Bay and IPredator VPN. Accepted payments: Bitcoin, Litecoin, Monero, Zcash, DASH, Bitcoin Cash and PayPal.

Colocation: DataCell

Colocation: DataCell logo DataCell is a data center providing secure colocating in Switzerland and Iceland.

VPS, Hosting, & Domain: Orange Website

VPS, Hosting, & Domain: Orange Website logo Orange Website is an Icelandic web hosting provider that prides themselves in protecting online privacy and free speech.

File Sync


Syncthing logo Syncthing replaces proprietary sync and cloud services with something open, trustworthy and decentralized. Your data is your data alone and you deserve to choose where it is stored, if it is shared with some third-party, and how it is transmitted over the Internet.


SparkleShare logo SparkleShare creates a special folder on your computer. You can add remotely hosted folders (or "projects") to this folder. These projects will be automatically kept in sync with both the host and all of your peers when someone adds, removes, or edits a file.

Worth Mentioning

  • git-annex - Allows managing files with git, without checking the file contents into git. While that may seem paradoxical, it is useful when dealing with files larger than git can currently easily handle, whether due to limitations in memory, time, or disk space.

Password Manager Software

Bitwarden - Cloud/Self-host

Bitwarden - Cloud/Self-host logo Bitwarden is a free and open-source password manager. It aims to solve password management problems for individuals, teams, and business organizations. Bitwarden is among the easiest and safest solutions to store all of your logins and passwords while conveniently keeping them synced between all of your devices. If you don't want to use the Bitwarden cloud, you can easily host your own Bitwarden server.

KeePassXC - Local

KeePassXC - Local logo KeePassXC is a community fork of KeePassX, a native cross-platform port of KeePass Password Safe, with the goal to extend and improve it with new features and bugfixes to provide a feature-rich, fully cross-platform and modern open-source password manager.

LessPass - Browser

LessPass - Browser logo LessPass is a free and open-source password manager that generates unique passwords for websites, email accounts, or anything else based on a master password and information you know. No sync needed. Uses PBKDF2 and SHA-256. It's advised to use the browser addons for more security.

Worth Mentioning

  • Master Password - A password manager based on an ingenious password-generation algorithm that guarantees your passwords can never be lost. Its passwords aren't stored: they are generated on-demand from your name, the site, and your master password. No syncing, backups, or internet access needed.
  • Psono - Free and open source password manager for teams with client side encryption and secure sharing of passwords, files, bookmarks, emails. All secrets are protected by a master password. Uses NACL Crypto, a combination of Curve25519, Salsa20 and Poly1305.
  • Password Safe - Whether the answer is one or hundreds, Password Safe allows you to safely and easily create a secured and encrypted username/password list. With Password Safe all you have to do is create and remember a single "Master Password" of your choice in order to unlock and access your entire username/password list.
  • Pass - Pass is a bare-bones password store that keeps passwords using gpg2 encrypted files inside a simple directory tree residing at ~/.password-store. It has a simple terminal interface where the user can perform the usual actions, and it's functionality can be extended by plugins. It can also be used in scripts without having to input the actual password in plain text.

Calendar and Contacts Sync


Nextcloud logo Nextcloud is a suite of client-server software for creating and using file hosting services. This includes calendar sync via CalDAV and contacts sync via CardDAV. Nextcloud is free and open-source, thereby allowing anyone to install and operate it without charge on a private server.


EteSync logo EteSync is a secure, end-to-end encrypted, and privacy-respecting cloud backup and synchronization software for your personal information (e.g. contacts and calendars). There are native clients for Android, iOS, and the web, and an adapter layer for most desktop clients. It costs $24 per year to use, or you can host the server yourself for free.

Email Providers

Email Providers logo Many email providers also offer calendar and or contacts sync services. Refer to our Email Provider recommendations to choose an email provider and see if they also offer calendar and/or contacts sync.

Worth Mentioning

  • fruux - A unified contacts/calendaring system that works across platforms and devices.
  • Cloud backups - Consider regularly exporting your calendar and or contacts and backing them up on a separate storage drive or uploading them to cloud storage (ideally after encrypting them).
  • DecSync - DecSync can be used to synchronize RSS, contacts, and calendars without a server by using file synchronization software such as Syncthing.

File Encryption Software

VeraCrypt - Disk Encryption

VeraCrypt - Disk Encryption logo VeraCrypt is a source-available freeware utility used for on-the-fly encryption. It can create a virtual encrypted disk within a file or encrypt a partition or the entire storage device with pre-boot authentication. VeraCrypt is a fork of the discontinued TrueCrypt project. It was initially released on June 22, 2013. According to its developers, security improvements have been implemented and issues raised by the initial TrueCrypt code audit have been addressed.

GNU Privacy Guard - Email Encryption

GNU Privacy Guard - Email Encryption logo GnuPG is a GPL-licensed alternative to the PGP suite of cryptographic software. GnuPG is compliant with RFC 4880, which is the current IETF standards track specification of OpenPGP. Current versions of PGP (and Veridis' Filecrypt) are interoperable with GnuPG and other OpenPGP-compliant systems. GnuPG is a part of the Free Software Foundation's GNU software project, and has received major funding from the German government.

PeaZip - File Archive Encryption

PeaZip - File Archive Encryption logo PeaZip is a free and open-source file manager and file archiver made by Giorgio Tani. It supports its native PEA archive format (featuring compression, multi volume split and flexible authenticated encryption and integrity check schemes) and other mainstream formats, with special focus on handling open formats. It also supports 180+ archive formats.

Worth Mentioning

  • Cryptomator - Free client-side AES encryption for your cloud files. Open source software: No backdoors, no registration.
  • Linux Unified Key Setup (LUKS) - A full disk encryption system for Linux using dm-crypt as the disk encryption backend. Included by default in Ubuntu. Available for Windows and Linux.
  • - A cross-platform, serverless JavaScript web application that provides secure file encryption using the AES-256-GCM algorithm in your browser. It can also be downloaded and run offline.
  • Keka - A macOS-only, open-source file archiver with the ability to encrypt files.

Self-contained Networks


Tor logo The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals to share information over public networks without compromising their privacy. Tor is an effective censorship circumvention tool.

I2P Anonymous Network

I2P Anonymous Network logo The Invisible Internet Project (I2P) is a computer network layer that allows applications to send messages to each other pseudonymously and securely. Uses include anonymous Web surfing, chatting, blogging, and file transfers. The software that implements this layer is called an I2P router and a computer running I2P is called an I2P node. The software is free and open-source and is published under multiple licenses.

The Freenet Project

The Freenet Project logo Freenet is a peer-to-peer platform for censorship-resistant communication. It uses a decentralized distributed data store to keep and deliver information, and has a suite of free software for publishing and communicating on the Web without fear of censorship. Both Freenet and some of its associated tools were originally designed by Ian Clarke, who defined Freenet's goal as providing freedom of speech on the Internet with strong anonymity protection.

Worth Mentioning

  • ZeroNet - Open, free, and uncensorable websites, using Bitcoin cryptography and BitTorrent network. privacy warning
  • RetroShare - An open source, cross-platform, friend-to-friend, secure, and decentralized communication platform.
  • I2P-Bote - End-to-end encrypted decentralized mail system within the I2P network.
  • GNUnet - GNUnet provides a strong foundation of free software for a global, distributed network that provides security and privacy.
  • IPFS and IPFS Companion- A peer-to-peer hypermedia protocol to make the web faster, safer, and more open. IPFS Companion is a browser extension for redirecting queries to a gateway of your choice (generally local). Important privacy warning
  • Yggdrasil - An early-stage implementation of a fully end-to-end encrypted IPv6 network. It is lightweight, self-arranging, supported on multiple platforms, and allows pretty much any IPv6-capable application to communicate securely with other Yggdrasil nodes. Yggdrasil does not require you to have IPv6 Internet connectivity - it also works over IPv4. experimental privacy warning

Decentralized Social Networks

Mastodon - Twitter Alternative

Mastodon - Twitter Alternative logo Mastodon is a social network based on open web protocols and free, open-source software. It is decentralized like email, users can exist on different servers or even different platforms but still communicate with each other. It also has the most users, and the most diverse (in terms of interests) users, it looks good, and it is easy to setup yourself. If you are looking for a server to join, you are welcome to join our hosted instance:

diaspora* - Google+ Alternative

diaspora* - Google+ Alternative logo diaspora* is based on three key philosophies: Decentralization, Freedom, and Privacy. It is intended to address privacy concerns related to centralized social networks by allowing users set up their own server (or "pod") to host content. Pods can then interact to share status updates, photographs, and other social data.

Friendica - Facebook Alternative

Friendica - Facebook Alternative logo Friendica has an emphasis on extensive privacy settings and easy server installation. It aims to federate with as many other social networks as possible. Currently, Friendica users can integrate contacts from Facebook, Twitter, Diaspora, GNU social,, and other services in their social streams.

PixelFed - Instagram Alternative

PixelFed - Instagram Alternative logo PixelFed is a free and ethical photo sharing platform, powered by ActivityPub federation. Pixelfed is an open-source, federated platform. You can run your own instance or join an existing one.

Pleroma - Twitter Alternative

Pleroma - Twitter Alternative logo Pleroma is a free, federated social networking server built on open protocols. It is compatible with Mastodon and many other ActivityPub and OStatus implementations.

Worth Mentioning

  • Minds - An open-source and distributed social networking service, integrating the blockchain to reward the community.
  • Movim - A federated social platform that relies on the XMPP standard and therefore allows you to exchange with many other clients on all devices.

Social News Aggregators


Aether logo Aether is a free and open-source decentralized social news aggregator with a built-in voting system.


Tildes logo Tildes is a web-based self-hostable online bulletin board. It is licensed under GPL 3.0.


Raddle logo Raddle is a public Postmill instance focused on privacy and anti-censorship.

Worth Mentioning

Encrypted Domain Name System (DNS) Resolvers

DNS Provider Server Locations Privacy Policy Type Logging Protocols DNSSEC QNAME Minimization Filtering Source Code Hosting Provider
AdGuard Anycast (based in Cyprus) Commercial No DoH, DoT, DNSCrypt Yes Yes Ads, trackers, malicious domains Serveroid, LLC
BlahDNS Finland, Germany, Japan
Hobby Project No DoH, DoT , DNSCrypt Yes Yes Ads, trackers, malicious domains Choopa, LLC, Data Center Light, Hetzner Online GmbH
Cloudflare Anycast (based in US) Commercial Some DoH, DoT Yes Yes No ? Self
CZ.NIC Czech Republic
Association No DoH, DoT Yes Yes ? ? Self
dnswarden Germany Hobby Project No DoH, DoT , DNSCrypt Yes Yes Based on server choice ? Hetzner Online GmbH
Foundation for Applied Privacy Austria Non-Profit Some DoH, DoT Yes Yes No ? IPAX OG
NextDNS Anycast (based in US) Commercial Based on user choice DoH, DoT, DNSCrypt Yes Yes Based on server choice ? Self
NixNet Anycast (based in US), US, Luxembourg Informal collective No DoH, DoT Yes Yes Based on server choice FranTech Solutions
PowerDNS The Netherlands Hobby Project No DoH Yes No No TransIP B.V. Admin
Quad9 Anycast (based in US) Non-Profit Some DoH, DoT, DNSCrypt Yes Yes Malicious domains ? Self, Packet Clearing House
SecureDNS The Netherlands Hobby Project No DoH, DoT, DNSCrypt Yes Yes Based on server choice ? DigitalOcean, Inc.
Snopyta Finland Informal collective No DoH, DoT Yes Yes No ? Hetzner Online GmbH
UncensoredDNS Anycast (based in Denmark), Denmark, US
Hobby Project No DoT Yes No No ? Self, Telia Company AB

Digital Notebook


Joplin logo Joplin is a free, open-source, and fully-featured note-taking and to-do application which can handle a large number of markdown notes organized into notebooks and tags. It offers end-to-end encryption and can sync through Nextcloud, Dropbox, and more. It also offers easy import from Evernote and plain-text notes.

Standard Notes

Standard Notes logo Standard Notes is a simple and private notes app that makes your notes easy and available everywhere you are. It features end-to-end encryption on every platform, and a powerful desktop experience with themes and custom editors. It has also been independently audited (PDF).


Turtl logo Turtl lets you take notes, bookmark websites, and store documents for sensitive projects. From sharing passwords with your coworkers to tracking research on an article you're writing, Turtl keeps it all safe from everyone but you and those you share with.


  • Note: As of Dec 2018, Joplin does not support password/pin protection for the application itself or individual notes/notebooks. Data is still encrypted in transit and at sync location using your master key. See open issue.

Worth Mentioning

  • Notable - The markdown-based note-taking app that doesn't suck.
  • Paperwork - An open-source and self-hosted solution. For PHP / MySQL servers.
  • Org-mode - A major mode for GNU Emacs. Org-mode is for keeping notes, maintaining TODO lists, planning projects, and authoring documents with a fast and effective plain-text system.

Pastebin Services


PrivateBin logo PrivateBin is a minimalist, open-source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256-bit AES. It is the improved version of ZeroBin.


CryptPad logo CryptPad is an open-source, zero knowledge, and real-time collaborative editor. Data is encrypted/decrypted in the browser, using Salsa20 with Poly1305 to encrypt pads.

Productivity Tools


CryptPad logo CryptPad is a private-by-design alternative to popular office tools and cloud services. All content is end-to-end encrypted. It is free and open-source, enabling anyone to verify its security by auditing the code. The development team is supported by donations and grants. No registration is required, and it can be used anonymously via Tor Browser.


Etherpad logo Etherpad is a highly customizable open-source online editor providing collaborative editing in real time. Here are a list of sites that run Etherpad. logo is a cross-platform, privacy-oriented blogging platform. It's anonymous by default, letting you publish without signing up. If you create an account, it doesn't require any personal information. No ads, distraction-free, and built on a sustainable business model.

Worth Mentioning

  • Cryptee - Free privacy-friendly service for storing Documents, files and Photos
  • EtherCalc - EtherCalc is a web spreadsheet. Data is saved on the web, and people can edit the same document at the same time. Changes are instantly reflected on all screens. Work together on inventories, survey forms, list management, brainstorming sessions.
  • Disroot - Free privacy-friendly service that offers Etherpad, EtherCalc and PrivateBin.
  • dudle - An online scheduling application, free and open-source. Schedule meetings or make small online polls. No email collection or the need of registration.
  • Framadate - A free and open-source online service for planning an appointment or making a decision quickly and easily. No registration is required.
  • LibreOffice - Free and open-source office suite.
  • VSCodium - Fork of Microsoft's Visual Studio Code editor without branding or telemetry.

Metadata Removal Tools


MAT2 logo MAT2 is free software, which allows the removal of metadata of image, audio, torrent, and document file types. It provides both a command line tool and a graphical user interface via an extension for Nautilus, the default file manager of GNOME.

Mobile Hardware

A note from the team: It is important to remember that you can only truly have privacy if the devices you use are secure. This includes security against both remote and physical attackers, and passive and active attacks. In the mobile computing space this dramatically limits your available options to devices that many would consider to be unsafe by default. You will need to make both software and lifestyle modifications to make these devices privacy-respecting. If you are unable or unwilling to do so, consider using mobile devices as little as possible, as they are at odds with your privacy almost by design. Please understand that we will never recommend any "privacy-respecting" mobile hardware that sacrifices your security.

Pixel 3 XL

Google Pixel 3

The Google Pixel 3/3 XL and the Google Pixel 3a/3a XL are the only secure Android devices currently on the market that can be made privacy-respecting. They have hardware-backed keystores, verified boot functionality with custom ROMs, attestation support, as well as proper ongoing support for their firmware and proper ongoing support for software specific to the hardware used in the device, which is necessary for complete security updates.

Google OS

Google Pixel devices come with a modified version of Android specific to Pixel devices. This software comes with added functionality specific to Pixel devices, but also is heavily linked with Google and Google Play Services. Using the stock ROM on a Google Pixel device is strongly discouraged. We recommend the use of either GrapheneOS or LineageOS to "de-Google" your device.

GrapheneOS Support

The Google Pixel supports GrapheneOS, the free and open-source mobile operating system we currently recommend for use on mobile devices.

Note that using a custom Android operating system means you have to make the compromise between app availibility and stability, and having decent security and privacy. This operating system does not come with Google Play Services by default, nor is it possible to install Google Play Services or microG. We recommend using F-Droid for app installations as needed, and to avoid third-party apps as much as possible. For this reason, a Pixel with GrapheneOS may not be the best choice for less technical users and users requiring the use of many third-party apps.

Titan M

The Google Pixel 3 has a new hardware security chip, the Titan M, making it more secure than its predecessors or other Android devices. This chip is tasked with protecting your device against boot-time attacks, too many log-in attempts, and secure data storage, among other security-related processes. Unlike other mobile hardware security solutions such as ARM TrustZone, the Titan M is a dedicated chip with physically separate RAM and processing power, preventing sidechannel attacks (a la Spectre, Meltdown, Rowhammer).

iPhone 11 Pro

iPhone 11

The iPhone 11 Pro and the iPhone 11 are some of the most secure and tested mobile devices on the market. They support verified boot, strong sandboxing, and strong hardware security (Secure Enclave). They also receive regular and frequent security updates, and they will receive updates far longer than competing Android devices.

An iPhone does not make people compromise between the avalibility of third-party apps and having strong security and privacy from their device. Therefore we believe it is the most suitable option for less technical users, or users looking for a better out-of-the-box experience.


It is important to note that iOS comes with numerous iCloud integrations, many of which are enabled by default. We recommend advoiding the use of iCloud whenever possible to avoid your personal information being stored on Apple's servers, and we only recommend the use of an Apple ID for App Store use.

Contrary to popular belief, iCloud device backups are currently not End-to-End Encrypted. You should only backup your device using iTunes.

No Known Exploits

There are no known, major hardware exploits for the iPhone 11 series, making them a safer choice over older iPhone models. All iPhone models up to and including the iPhone X are affected by checkm8, a permanent unpatchable bootrom exploit that may compromise your device's security.

This does not mean an exploit is impossible: unc0ver is an iOS 13 software exploit that affects even the iPhone 11, however it has been patched in iOS 13.3.1. Always keeping your device up-to-date is the most important step to take to keep your devices secure.

Worth Mentioning

  • Fairphone 2 Ubuntu Touch - The Fairphone 2 is an interesting look into modular, ethical, and sustainable mobile devices with an emphasis on open source. This our preferred hardware if you wish to run Ubuntu Touch, however using older and less tested hardware like this inherently forces you to make significant security compromises.
  • Samsung Galaxy S3 and Samsung Galaxy Note II ReplicantOS - This is the best hardware available if you wish to run ReplicantOS, however using older hardware like this inherently forces you to make significant security and usability compromises.

U2F Security Keys


SoloKeys logo The SoloKey is the "first open-source FIDO2 security key", available in both USB-A and USB-C variants with optional NFC capability for mobile devices. It is less feature-rich compared to the YubiKey 5 lineup, but at $20 it is a great starting point for securing your accounts, or backup U2F authenticator.

YubiKey 5 Upgrade Pick

YubiKey 5 logo The YubiKey 5 is a multi-protocol security key, providing strong two-factor, multi-factor and passwordless authentication, and seamless touch-to-sign. It supports FIDO2, FIDO U2F, one-time password (OTP), and OpenPGP smart card functionality. It is available in a variety of form factors for desktop or laptop.

Worth Mentioning

  • Nitrokey - A variety of security key products for different workloads. All Nitrokey products are open-source and customizable. The firmware and hardware have been independently assessed by Cure53 in 2015. We have found that there is no best overall product (the Pro 2 lacks Curve25519 while the lower-end Start supports it, for example) and they are lacking a variety of form factors such as USB-C and NFC that would be more convenient for many users.

Home Routers

Turris Omnia

Turris Omnia is a secure, high performance, and open-source home router. It has specifications that would allow it to easily handle Gigabit-level networking, as well as additional functionality (NAS, printserver, or other server type use-cases).

Turris Omnia was created by NIC.CZ, the non-profit .CZ domain registry behind many massive internet open-source projects including Knot (DNS Server), BIRD (Internet routing daemon), and FRED (Domain registry platform). As such, we believe they have the experience required to make a secure routing platform.


Turris Omnia runs OpenWrt, the router operating system platform we recommend for home users. It is an incredibly lightweight operating system perfect for this workload, and it is well supported by its developers.

Secure Defaults

Turris Omnia is configured securely and privately by default. It also features automatic updates that require no user interaction. The lack of updates is a security problem for most home router brands.

Additional Functionality

This device can be used for more than just routing. It is a highly extensible product, allowing you to do things like add mSATA storage. It features a SIM slot that can be used alongside an LTE USB or miniPCIe modem for backup connectivity. It comes with a "virtual server", which allows you to install normal Linux applications or even entirely seperate Linux distros like Ubuntu or Debian independently of the main software, improving security and allowing for safe software experimentation.

Worth Mentioning

  • Pepwave Surf SOHO - A lower-end business-class router with stable, secure, and easy-to-use firmware. Unlike most business-class routers, the interface is easy to use while still feature-rich.

Hardware Wallets

Trezor One

Trezor One logo A fully open-source cryptocurrency wallet with support for over 1,000 coins/tokens. Trezor also has password manager functionality, supports GPG and SSH key storage functionality, and can act as a U2F key, making it a great backup for your U2F key (or vice versa).

Trezor Model T Upgrade Pick

Trezor Model T logo The Trezor Model T supports all the same functionality as the Trezor One, as well as FIDO2 authentication support, a wider variety of coins/tokens, and a full color touchscreen for easier use.

Worth Mentioning

  • Ledger Nano X - A great pick if you are an iOS user, or if the Trezor One does not support the coins/tokens you use. It does have some closed-source components, and it is not as intuitive to use as Trezor's devices.

PC Operating Systems

Qubes OS Xen

Qubes OS logo Qubes is an open-source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, the X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers. contrib

Fedora Workstation GNU/Linux

Fedora Workstation logo Fedora is a Linux distribution developed by the Fedora Project and sponsored by Red Hat. Fedora Workstation is a secure, reliable, and user-friendly edition developed for desktops and laptops, using GNOME as the default desktop environment. contrib

Debian GNU/Linux

Debian logo Debian is a Unix-like computer operating system and a Linux distribution that is composed entirely of free and open-source software, most of which is under the GNU General Public License, and packaged by a group of individuals known as the Debian project.

Worth Mentioning

  • OpenBSD BSD - A project that produces a free, multi-platform 4.4BSD-based UNIX-like operating system. Emphasizes portability, standardization, correctness, proactive security and integrated cryptography.
  • Arch Linux GNU/Linux contrib - A simple, lightweight Linux distribution. It is composed predominantly of free and open-source software, and supports community involvement. Parabola is a completely open source version of Arch Linux.
  • Trisquel GNU/Linux - Derived from Ubuntu, this project aims for a fully free software system without proprietary software or firmware and uses Linux-libre, a version of the Linux kernel with the non-free code (binary blobs) removed.
  • Whonix GNU/Linux - A Debian-based security-focused Linux distribution. It aims to provide privacy, security and anonymity on the internet. The operating system consists of two virtual machines, a "Workstation" and a Tor "Gateway". All communication are forced through the Tor network to accomplish this.

PC Live Operating Systems

Tails GNU/Linux

Tails logo Tails is a live operating system that can boot on almost any computer from a DVD, USB stick, or SD card you control. It aims at preserving privacy and anonymity, and circumventing censorship by forcing Internet connections through the Tor network; leaving no trace on the computer; and using state-of-the-art cryptographic tools to encrypt files, emails, and instant messages. contrib

Worth Mentioning

  • Fedora Workstation GNU/Linux - Fedora is a Linux distribution developed by the Fedora Project and sponsored by Red Hat. Fedora Workstation is a secure, reliable, and user-friendly edition developed for desktops and laptops, using GNOME as the default desktop environment.
  • Debian GNU/Linux - Debian is a Unix-like computer operating system and a Linux distribution that is composed entirely of free and open-source software, most of which is under the GNU General Public License, and packaged by a group of individuals known as the Debian project.

Mobile Operating Systems

GrapheneOS AOSP

GrapheneOS logo GrapheneOS (formerly known as CopperheadOS) is a free and open-source security- and privacy-focused mobile operating system built on top of the Android Open Source Project. It currently specifically targets devices offering strong hardware security. contrib

LineageOS AOSP

LineageOS logo LineageOS is a free and open-source operating system for smartphones and tablets, based on the official releases of the Android Open Source Project. It is the continuation of the CyanogenMod project. contrib

Ubuntu Touch GNU/Linux

Ubuntu Touch logo Ubuntu Touch is a free and open-source operating system for smartphones and tablets. It's an alternative to the current popular mobile operating systems on the market. Only a few devices are supported. contrib

Worth Mentioning

  • Replicant AOSP - An open-source operating system based on Android, aiming to replace all proprietary components with free software.
  • OmniROM AOSP contrib - A free-software operating system for smartphones and tablet computers, based on the Android mobile platform.
  • MicroG Add-on Package contrib - A project that aims to reimplement the proprietary Google Play Services in the Android operating system with a FLOSS replacement. The microG project also maintains a fork of LineageOS with microG and F-Droid preinstalled at Lineage for microG.

Android Privacy Add-ons


Control your traffic with NetGuard

NetGuard provides simple and advanced methods to block certain apps from accessing the internet, without requiring root privileges. Applications and addresses can be individually allowed or denied access to your Wi-Fi and/or mobile connections, allowing you to control exactly which apps are able to phone home or not.


Tor for Android with Orbot

Orbot is a free proxy app that empowers other apps to use the internet more securely. Orbot uses Tor to encrypt your Internet traffic and then hides it by bouncing through a series of computers around the world. Root Mode: Orbot can be configured to transparently proxy all of your Internet traffic through Tor. You can also choose which specific apps you wish to use through Tor.

See also

Open Source Router Firmware

OpenWrt Linux

OpenWrt logo OpenWrt is an operating system (in particular, an embedded operating system) based on the Linux kernel, primarily used on embedded devices to route network traffic. The main components are the Linux kernel, util-linux, uClibc and BusyBox. All components have been optimized for size, to be small enough for fitting into the limited storage and memory available in home routers. contrib

pfSense BSD

pfSense logo pfSense is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a computer to make a dedicated firewall/router for a network and is noted for its reliability and offering features often only found in expensive commercial firewalls. pfSense is commonly deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server, and as a VPN endpoint. contrib

LibreCMC GNU/Linux

LibreCMC logo LibreCMC is a GNU/Linux-libre distribution for computers with minimal resources, such as the Ben Nanonote, ath9k-based Wi-Fi routers, and other hardware with emphasis on free software. The project's current goal is to aim for compliance with the GNU Free System Distribution Guidelines (GNU FSDG) and ensure that the project continues to meet these requirements set forth by the Free Software Foundation (FSF).

Worth Mentioning

  • OpenBSD BSD - A project that produces a free, multi-platform 4.4BSD-based UNIX-like operating system. Emphasizes portability, standardization, correctness, proactive security and integrated cryptography.
  • DD-WRT Linux contrib - A Linux-based open-source firmware compatible with several models of routers and access points.

Don't use Windows 10 - It's a privacy nightmare

Windows 10 Privacy
  1. Data syncing is by default enabled.
    • Browsing history and open websites.
    • Apps settings.
    • WiFi hotspot names and passwords.
  2. Your device is by default tagged with a unique advertising ID.
    • Used to serve you with personalized advertisements by third-party advertisers and ad networks.
  3. Cortana can collect any of your data.
    • Your keystrokes, searches and mic input.
    • Calendar data.
    • Music you listen to.
    • Credit Card information.
    • Purchases.
  4. Microsoft can collect any personal data.
    • Your identity.
    • Passwords.
    • Demographics.
    • Interests and habits.
    • Usage data.
    • Contacts and relationships.
    • Location data.
    • Content like emails, instant messages, caller list, audio and video recordings.
  5. Your data can be shared.
    • When downloading Windows 10, you are authorizing Microsoft to share any of above-mentioned data with any third-party, with or without your consent.

Download: W10Privacy

This tool uses some known methods that attempt to disable major tracking features in Windows 10.

Related Information

  • Microsoft Privacy Statement - Microsoft collects, uses and discloses personal information as described here. This allows OneDrive data, Cortana searches, and MS browser history to be sold to third parties.
  • Cortana and privacy - To personalize your experience and provide the best possible suggestions, Cortana accesses your email and other communications and collects data about your contacts (People), like their title, suffix, first name, last name, middle name, nicknames, and company name. If you call, email, or text someone or they call, email, or text you, Cortana collects that person’s email address or phone number.

More Privacy Resources



  • Freedom of the Press Foundation - Supporting and defending journalism dedicated to transparency and accountability since 2012.
  • - German review aggregator website of privacy-related services.
  • Open Wireless Movement - a coalition of Internet freedom advocates, companies, organizations, and technologists working to develop new wireless technologies and to inspire a movement of Internet openness.
  • - What does the US government know about you?
  • r/privacytoolsIO Wiki - Our Wiki on
  • Security Now! - Weekly Internet Security Podcast by Steve Gibson and Leo Laporte.
  • TechSNAP - Weekly Systems, Network, and Administration Podcast. Every week TechSNAP covers the stories that impact those of us in the tech industry.
  • Terms of Service; Didn't Read - "I have read and agree to the Terms" is the biggest lie on the web. We aim to fix that.
  • The Great Cloudwall - Critique and information on why to avoid Cloudflare, a big company with a huge portion of the internet behind it.


  • - IP/DNS Detect - What is your IP, what is your DNS, what informations you send to websites.
  • The ultimate Online Privacy Test Resource List - A collection of Internet sites that check whether your web browser leaks information.
  • PRISM Break - We all have a right to privacy, which you can exercise today by encrypting your communications and ending your reliance on proprietary services.
  • Security in-a-Box - A guide to digital security for activists and human rights defenders throughout the world.
  • SecureDrop - An open-source whistleblower submission system that media organizations can use to securely accept documents from and communicate with anonymous sources. It was originally created by the late Aaron Swartz and is currently managed by Freedom of the Press Foundation.
  • Reset The Net - Privacy Pack - Help fight to end mass surveillance. Get these tools to protect yourself and your friends.
  • Security First - Umbrella is an Android app that provides all the advice needed to operate safely in a hostile environment.
  • Osalt - A directory to help you find open source alternatives to proprietary tools.
  • AlternativeTo - A directory to help find alternatives to other software, with the option to only show open source software

Note: Just being open source does not make software secure!

It's important for a website like PrivacyTools to stay up-to-date. Keep an eye on software updates for the applications listed on our site. Follow recent news about providers that we recommend. We try our best to keep up, but we're not perfect and the internet is changing fast. If you find an error, or you think a provider should not be listed here, or a qualified service provider is missing, or a browser plugin is not the best choice anymore, or anything else... Talk to us please. You can also find us on our own Mastodon instance or on Matrix at

Discourse & Reddit

Discourse & Reddit Join our Discourse community to stay up to date on privacy news or make suggestions!

Follow on Mastodon & Twitter

Follow on Mastodon & Twitter Get the latest privacy-related updates from our Mastodon Feed. Follow us today!

Develop on GitHub

The complete website source code is available on GitHub. Join our developer team!

This is a community project aiming to deliver the best information available to improve privacy online. Thank you for participating. This project needs you.